CVE-2020-15710
5.3
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
Summary
Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. The modargs variable may be freed twice in the fail condition in src/modules/bluetooth/module-bluez5-device.c and src/modules/bluetooth/module-bluez5-device.c. Fixed in 1:8.0-0ubuntu3.14.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Canonical | PulseAudio | 1:8.0 < 1:8.0-0ubuntu3.14 | affected |
Weaknesses
- CWE-415: CWE-415 Double Free
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.